<?xml version="1.0" encoding="UTF-8"?>
<b:beans xmlns="http://www.springframework.org/schema/security"
	xmlns:b="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">
	<http access-denied-page="/403.jsp">
		<intercept-url pattern="/services/**" filters="none" />
		<intercept-url pattern="/login.jsp" filters="none" />
		<intercept-url pattern="/index.jsp" filters="none" />
		<intercept-url pattern="/css/**" filters="none" />
		<intercept-url pattern="/pcss/**" filters="none" />
		<intercept-url pattern="/js/**" filters="none" />
		<intercept-url pattern="/javascript/**" filters="none" />
		<intercept-url pattern="/_global/resource/**" filters="none" />
		<intercept-url pattern="/images/**" filters="none" />
		<intercept-url pattern="/403.jsp" filters="none" />
		<intercept-url pattern="/404.jsp" filters="none" />
		<intercept-url pattern="/error.jsp" filters="none" />
		<intercept-url pattern="/dwr/**" filters="none" />
		<intercept-url pattern="/upload/**" filters="none" />
		<intercept-url pattern="/downloadAttachment" filters="none" />
		<intercept-url pattern="/component/**" filters="none" />
		<intercept-url pattern="/sendLogin.jsp" filters="none" />
		<http-basic />
		<form-login login-page="/login.jsp" default-target-url="/index.jsp"
			always-use-default-target="true" authentication-success-handler-ref="loginSuccessHandler" />
		<!--<logout invalidate-session="true" logout-success-url="/login.jsp" />
		--><!--
			<logout invalidate-session="true"
			success-handler-ref="simpleLogoutSuccessHandler" />
		-->
		<remember-me services-ref="rememberMeServices" />
        <custom-filter position="LOGOUT_FILTER" ref="logoutFilter" />

		<custom-filter ref="resourceSecurityInterceptor" after="FILTER_SECURITY_INTERCEPTOR" />
		<custom-filter ref="checkUserStatusFilter" position="LAST" />
	</http>

	<b:bean id="logoutFilter"
  class="org.springframework.security.web.authentication.logout.LogoutFilter">
     <b:constructor-arg value="/login.jsp"></b:constructor-arg>
     
     <b:constructor-arg>
       <b:list>
        <b:ref local="rememberMeServices" />
        <b:bean class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler"></b:bean>
        </b:list>
     </b:constructor-arg>
     <b:property name="filterProcessesUrl" value="/j_spring_security_logout"></b:property>
  </b:bean>
	
	
	
	<b:bean id="rememberMeServices"
		class="org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices">
		<b:property name="userDetailsService" ref="securityManager"></b:property>
		<b:property name="key" value="_spring_security_remember_me"></b:property>
		<b:property name="alwaysRemember" value="false"></b:property>
		<b:property name="tokenValiditySeconds" value="1209600"></b:property>
		<b:property name="parameter" value="_spring_security_remember_me"></b:property>
	</b:bean>
	<b:bean id="rememberMeAuthenticationProvider"
		class="org.springframework.security.authentication.RememberMeAuthenticationProvider">
		<b:property name="key" value="_spring_security_remember_me"></b:property>
	</b:bean>


	<authentication-manager alias="authenticationManager">
		<authentication-provider user-service-ref="securityManager">
			<!-- <password-encoder hash="md5" /> -->
		</authentication-provider>
	</authentication-manager>
	<b:bean id="securityManager" class="com.base.security.support.DefaultSecurityManager">
		<b:property name="securityEntityManager" ref="securityEntityManager" />
	</b:bean>
	<!-- 必须满足所有条件才能通过 -->
	<b:bean id="accessDecisionManager"
		class="org.springframework.security.access.vote.AffirmativeBased">
		<b:property name="allowIfAllAbstainDecisions" value="false" />
		<b:property name="decisionVoters">
			<b:list>
				<b:bean class="org.springframework.security.access.vote.RoleVoter" />
				<!--
					<b:bean
					class="org.springframework.security.access.vote.AuthenticatedVoter"
					/>
				-->
			</b:list>
		</b:property>
	</b:bean>
	<b:bean id="resourceSecurityInterceptor"
		class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor">
		<b:property name="authenticationManager" ref="authenticationManager" />
		<b:property name="accessDecisionManager" ref="accessDecisionManager" />
		<b:property name="securityMetadataSource" ref="bpFilterInvocationSecurityMetadataSource" />
		<b:property name="observeOncePerRequest" value="false" />
		<b:property name="validateConfigAttributes" value="true" />
	</b:bean>
	<b:bean id="bpFilterInvocationSecurityMetadataSource"
		class="com.base.security.interceptor.BPFilterInvocationSecurityMetadataSource">
		<b:property name="securityManager" ref="securityManager" />
	</b:bean>
	<b:bean id="messageSource"
		class="org.springframework.context.support.ReloadableResourceBundleMessageSource">
		<b:property name="basename"
			value="classpath:org/springframework/security/messages_zh_CN"></b:property>
	</b:bean>
</b:beans>
